Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.

Remediation

References

CVE-2015-7293

Related Vulnerabilities

WordPress Plugin LittleBot ACH for Stripe + Plaid Unspecified Vulnerability (1.2.6)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3578)

WordPress Plugin Are You a Human-The Fun Spam Blocker Cross-Site Scripting (1.4.32)

WordPress Plugin Theme Tweaker Cross-Site Request Forgery (5.20)

WordPress Plugin YITH WooCommerce PDF Invoice and Shipping List Security Bypass (1.2.12)

Severity

High

Classification

CVE-2015-7293 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities